Splunk Cloud and Splunk Enterprise 7.2

© 2019 SPLUNK INC.© 2019 SPLUNK INC.
Splunk Cloud and
Splunk Enterprise 7.2
Turn Data Into Business Outcomes

© 2019 SPLUNK INC.
During the course of this presentation, we may make forward-looking statements regarding future events or
the expected performance of the company. We caution you that such statements reflect our current
expectations and estimates based on factors currently known to us and that actual events or results could
differ materially. For important factors that may cause actual results to differ from those contained in our
forward-looking statements, please review our filings with the SEC.
The forward-looking statements made in this presentation are being made as of the time and date of its live
presentation. If reviewed after its live presentation, this presentation may not contain current or accurate
information. We do not assume any obligation to update any forward-looking statements we may make. In
addition, any information about our roadmap outlines our general product direction and is subject to change
at any time without notice. It is for informational purposes only and shall not be incorporated into any contract
or other commitment. Splunk undertakes no obligation either to develop the features or functionality
described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Listen to Your Data, The Engine for Machine Data, Splunk Cloud, Splunk Light and SPL are trademarks and registered trademarks of Splunk Inc. in
the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2019 Splunk Inc. All rights reserved.
Forward-Looking Statements

© 2019 SPLUNK INC.
Powered by AI and ML
Access to Expanding Data Universe
On-Premises
Cloud
Splunk delivers a holistic approach to turning data
into business outcomes
Any User, Anywhere
SecurityIT Business Users DevelopersIoT

© 2019 SPLUNK INC.
Easily Move any Data to
and from Splunk
Boost Performance, Scale
and Manageability
Limitless Investigation
and Exploration
Artificial Intelligence and Machine Learning Powering Splunk Platform
ANNOUNCING
Splunk Cloud and Splunk Enterprise 7.2

© 2019 SPLUNK INC.
Rolling
Upgrade
Dynamic Data:
Active Archive
Password Policy
Management
Breakthrough performance,
scale and manageability
Analyze Any Data
PCI and HIPAA
Compliance
Splunk Connect for
Kubernetes
Splunk Connect
for Docker
Kinesis Firehose
Integration
508 Accessibility
Limitless
Investigation and
Exploration
Event Annotation
AI & ML Across the Platform
Splunk Machine
Learning Toolkit
Experiment
Management
Framework
Kfold Validation
Data
Onboarding
Logs to Metrics
& Metrics
Workspace
SmartStore
& Workload
Management
More users
& less SPL
Splunk Cloud AND Splunk Enterprise 7.2

© 2019 SPLUNK INC.
Under the Hood

© 2019 SPLUNK INC.
Access to Expanding Data Universe

© 2019 SPLUNK INC.
4+ PB/Day Real Time Mission Critical
Schema on
Read
Online
Services
Networks
Call Detail
Records
Web
Services
Telecoms
Web
Clickstreams
Desktops
Online
Shopping CartSmartphones
and Devices
Custom
Applications
Storage
Containers Servers
GPS
Location
RFID
Packaged
Applications
Databases Messaging
Firewall
Intrusion
PreventionRSS
Active Directory
Twitter
Electric Car
POS Card
Reader
Energy
Meters
Expansive and Integrated Ecosystem
OSS and cloud native technology integrations increase the value of your investment
7.1
Firehose

© 2019 SPLUNK INC.
► Helps users understand the crucial concepts
related to getting data into Splunk
► Addresses most common data sources:
networking, OS, security (e.g. firewall)
► Data onboarding methodologies tailored to
users’ specific Splunk architecture: single
instance, single search head with clustered
indexers, or Splunk Cloud
Guided Data Onboarding
Intuitive interface for getting data into Splunk
7.2

© 2019 SPLUNK INC.
Metrics and Events
Taking the meh out of metrics
Metrics
• Set of numbers describing a particular process or activity
• Measured over intervals of time – i.e., time series data
• Unlike log generation and storage, metrics generation
and storage has a constant overhead – cost doesn’t
increase with system activities that could result in a
sharp uptick in data observability (e.g., user traffic)
• Common metrics sources:
• System metrics (CPU, disk memory)
• Infrastructure metrics (AWS CloudWatch)
• Web tracking scripts (Google Analytics)
• IoT Sensors (temperature readings)
Events
• Immutable record of discrete events that happen over time
• Come in three forms: plain text, structured, binary
• Omnipresent–attached to every packet that enters or
leaves a network interface card
• Common event sources:
• System and server logs (syslog, journald)
• HEC
• APIs (Twitter, Wunderground)
• Application, platform and server logs (log4j, log4net,
Apache, MySQL, AWS)
Timestamp Metric Name Value Dimensions
1481050800 os.cpu.user 42.12345 hq:us-west-1
Sample Metric
[29/Aug/2017 08:47:05:316503] "POST /cart.do?uid=84e8d742-a31d69&action=remove&&product_id=BS-
2&JSESSIONID=SD6SAL4FF1ADFF9 HTTP 1.1" 200 2569 "http://www.buttercupenterprises.com/product.screen?
product_id=BS-2" "Mozilla/5.0 (Intel Mac OS X 10_12_2) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/57.0.2957.0 Safari/537.36" 98
Sample Log
Equivalent to
1 metric value
7.0

© 2019 SPLUNK INC.
► Up to 2,000x speed improvement on the
same log search (workload) versus
► All Splunk platform benefits apply:
• Visualizations and alerting
• Role-based access controls
• Data onboarding
• Clustering, scaling and alerting
• Leverage open source for existing sourcetypes
(statsd, collectd)
Metrics in Splunk Enterprise
Lightning-fast performance when searching on metrics
7.1

© 2019 SPLUNK INC.
► Intuitive interface for converting
log events to metrics
► Take advantage near-real-time
performance when searching and alerting on
metrics, as well as the new Splunk Metrics
Workspace
Logs to Metrics
Take advantage of metrics performance by converting your logs to metrics
7.2

© 2019 SPLUNK INC.
Breakthrough Performance,
Manageability and Scale

© 2019 SPLUNK INC.
► Independently scale up/down compute
(CPUs) and data storage based on business
demands
► Automatically evaluates users’ data
access patterns (via app-aware cache) –
placing actively accessed data in local
storage for real-time analytics; inactive data
moved to low-cost, remote storage
(any S3-compatible environment)
SmartStore
Maintain performance and availability while lowering TCO
7.2
Search
Indexers Storage

© 2019 SPLUNK INC.
Classical Architecture
Hot/Warm
Storage
Cold
Storage
Frozen
Storage

© 2019 SPLUNK INC.
Smart Store Architecture
Upload
Download
Eviction Removal
Remote Storage
[remotePath]
Hot/Cache
Storage
[homePath]
Frozen
Storage
[coldToFrozen*]

© 2019 SPLUNK INC.
Smart Store Architecture
Remote Storage
Hot/Cache
Storage
Hot/Cache
Storage

© 2019 SPLUNK INC.
► Policy-based and admin-controlled
mechanism to reserve system resources
used for ingestion and search
► Ensures most critical indexes, searches
and alerts are completed first (e.g. analytics
on latest product launches)
Workload Management
Prioritize analytics workloads based on organizational demands
7.2

© 2019 SPLUNK INC.
► Official Splunk Support for Enterprise 7.2
deployments in Docker containers
► All the benefits of Docker…
►Fast deployments
►Easily expand (or contract) Splunk footprint;
onboard new teams and users
►Lower TCO via decreased hardware, OS and
hypervisor requirements
Splunk on Docker
Fast deployments. Easily expandable. Lower TCO.
7.2

© 2019 SPLUNK INC.
Empowering More Users

© 2019 SPLUNK INC.
► Major update within the Search and
Reporting SplunkbaseTM app; compatible
with Splunk Enterprise and Splunk Cloud
release 7.1 and beyond
► Drag-and-drop interface to explore large
volumes of incoming metrics data and
create advanced alerts
► Dashboard panels can be saved and
displayed in your existing Splunk
dashboards
Splunk Metrics Workspace
Easily visualize metrics without using Splunk Search Processing Language (SPL)
7.2

© 2019 SPLUNK INC.
► Quickly understand the overall health
status of your Splunk environments
► Customizable, allowing users to set their
own thresholds
► REST-based endpoints easily integrate
with other systems
► Provides a reason, context, and tips to
resolve a unhealthy state
Health Report
Real-time health monitoring of your Splunk deployment
7.2

© 2019 SPLUNK INC.
► Screen reader-friendly UI
► Mouse not required–easily navigate Splunk
with just a keyboard
► Enhanced visual contrast in Splunk UI for
visually impaired users
► Addresses US Federal Government Section
508 standard and Web Content Accessibility
Guidelines (WCAG) for electronic and
information technology accessibility
Splunk Accessibility Enhancements
Enabling disabled users to get more value out of their data
7.2

© 2019 SPLUNK INC.
Refreshed User Interface
Crisp and consistent UI spanning Splunk products and Splunk.com
7.1

© 2019 SPLUNK INC.
Dashboard Dark Mode
One click-way to heighten visual contrast and optimize for NOC/SOC environments
7.2

© 2019 SPLUNK INC.
Accelerate Business Value Through
Artificial Intelligence

© 2019 SPLUNK INC.
Artificial Intelligence and Machine Learning
Splunk platform is designed for expansive and customizable AI and ML use cases
Splunk Premium Solutions
Out-of-the-box AI and ML experience for specific use cases
Machine LearningAIOps
Machine Learning Toolkit
(MLTK)
Analytics-driven Security
• Designed for IT and security practitioners
• Machine learning-embedded within products;
users select data sets and adjust the model
• Does not require a data scientist
Splunk Platform
Customizable AI and ML for all use cases
• Codeless, step-by-step machine learning
• Integrates with open source algorithms
• Launch inside any Splunk search or query
• Requires Splunk and analytics expertise

© 2019 SPLUNK INC.
2. Splunk MLTK Container for TensorFlow
extends the value of Splunk MLTK with additional
contributions and functionality provided by
TensorFlow, the OSS library for high performance
numerical computation.
3. Splunk Machine Learning Toolkit Connector
for Apache Spark allows users to leverage their
own Spark clusters for fitting models on large
datasets using Spark infrastructure vs. the Splunk
Search Head, delivering faster compute on
certain algorithms, easier scaling and high
elasticity. New Spark and Splunk configuration UI
facilitates testing of the Spark connection and set
up. Support for additional MLlib algorithms out-of-
the-box.
1. Splunk Community for MLTK Algorithms on
GitHub enables Splunk MLTK users to share
code and custom algorithms, and get feedback
and tips from fellow Splunk MLTK users, the
Splunk team, and other GitHub community
members.
New with
MLTK 4.0

© 2019 SPLUNK INC.
Fastest time
to value
Eliminates
infrastructure
requirements
Maximizes value
from limited
resources
The benefits of Splunk as a service

© 2019 SPLUNK INC.
Splunk Cloud
● Go-live fast–In a matter of days, not weeks
● Minimize delays and change management processes for upgrades
● Expand your Splunk deployment quickly—1TB incremental capacity
available within two days
● Operate premium Splunk solutions—including Splunk ITSI and
ES—at the highest-level of maturity and availability within weeks
Fastest time to value
Eliminates infrastructure
requirements
Maximizes value from
limited resources
Splunk Cloud delivers the benefits of Splunk Enterprise—the easiest way to aggregate, analyze and get
answers from your machine data—deployed and managed securely, reliably, and scalably as a service

© 2019 SPLUNK INC.
● No need to purchase, deploy, and manage infrastructure—you save
money (or time) on servers, storage and people
● Redundant environments mean you can feel assured that critical
operations are maintained when you need them
● Adheres to most rigorous security standards
○ Dedicated cloud environment for each customer (single tenant infrastructure for
compute, but not for storage)
○ ISO 27001, SOC 2 Type 2, PCI and HIPAA-certified
○ Includes encryption in-transit—any data traveling over a network is SSL encrypted by
default
○ Optional encryption at rest—stored data can be encrypted at incremental cost (+15%
increase to Splunk Cloud list price)
requirements
limited resources
Splunk Cloud

© 2019 SPLUNK INC.
Splunk Cloud
● Splunk manages about 75% of typical infrastructure management and
admin tasks so you can transition your teams to doing higher-value
business functions
● Low total cost of ownership (TCO), often less than cost of running your
own software
● 600+ Splunkbase apps ready for Splunk Cloud deployments—ready-to-
use analytics, alerts, dashboards, and visualizations
requirements
limited resources

© 2019 SPLUNK INC.
deleted dataDynamic Data:
Self-Storage
Dynamic Data:
Active Archive
Splunk Cloud:
Active Searchable
Index 3 365-day retention
Index 3 permanent
Dynamic Data
Retain infrequently accessed data to meet compliance requirements.
Easily resurrect to search when required.
Dynamic Data: Active Archive
• New with Splunk Cloud release 7.2
• Move less-frequently accessed data
to cost-effective, Splunk-managed
data archive
• Easily restore data into Splunk Cloud
Dynamic Data: Self-Storage
• Introduced with Splunk Cloud
release 7.1
• Tiered data storage service
empowers you to move data from
Splunk Cloud to your own Amazon
S3 environment
• Data no longer accessible via
Splunk Cloud
Index 1 3 years

© 2019 SPLUNK INC.
►New Splunk Cloud SKU featuring:
• Splunk Cloud subscription with HIPAA or
PCI compliance
• Encryption at Rest
• Splunk Standard Success Plan
►Assurance Splunk Cloud will manage customer data in
accordance with strict regulations:
• Health Insurance Portability and Accountability Act (HIPAA),
the standard for US-based organizations that deal with
sensitive patient data
• Payment Card Industry Data Security Standard (PCI DSS),
standards designed to ensure organizations that accept,
process, store or transmit credit card information maintain a
secure environment
Splunk Cloud Regulatory Compliance
Confidently navigate sensitive data while maintaining compliance, without the
overhead

© 2019 SPLUNK INC.
Premium
Customer Support and Professional Services
More flexibility for mission critical use cases
Standard
Base
Splunk Customer Success
Customer Success levels
aligned with the degree of
consultation customers require
to configure their unique
Splunk environments
Splunk Support
Scaling up to support mission critical
workloads with multiple support
levels featuring varying response
time guarantees, and a range of
direct access commitments to
Splunk Support professionals
Splunk Professional Services
Professional Service levels
designed to provide increasing
service, from adoption
assistance and acceleration to
onsite implementation
Consistency across
Splunk Services
From baseline to
mission-critical,
Splunk offers a variety of
support and services
levels to address
evolving business needs

© 2019 SPLUNK INC.
Secure Encrypted
Access to All Data
Push Notification
Alerts
Push-Button Event
Remediation
Splunk Mobile
ANNOUNCING

© 2019 SPLUNK INC.
Splunk
Cloud
Gateway
TLS + E2E
Encryption
Cloud
Gateway
Service
Firewall
Mobile On-Prem
Mobile Cloud
Gateway Connect

Splunk Cloud and Splunk Enterprise 7.2

More Related Content

What's hot

Similar to Splunk Cloud and Splunk Enterprise 7.2

More from Splunk

Recently uploaded

Splunk Cloud and Splunk Enterprise 7.2